Chapter 5. Authentication

5.1. Implementing PAM Authentication

Red Hat Satellite supports network-based authentication systems such as LDAP and Kerberos, using Pluggable Authentication Modules (PAM). PAM is a suite of libraries that helps system administrators integrate the Satellite with a centralized authentication mechanism, thus eliminating the need for remembering multiple passwords.

For more detail about configuring PAM, see the Pluggable Authentication Modules (PAM) in the Red Hat Enterprise Linux Deployment Guide.

Note

For Kerberos-authenticating users, change the password by using kpasswd. Do not change the password on Red Hat Satellite web application as this method only changes the local password on the Satellite server. Local passwords are not in use if PAM is enabled for that user.

Restart the service to pick up the changes:

# rhn-satellite restart

To enable a user to authenticate against PAM, select the checkbox labeled Pluggable Authentication Modules (PAM). It is positioned below the password and password confirmation fields on the Create User page.